NEWBIE help for subdomain not working

I did review that yesterday… jennifer.dellazanna.com is on one level away from dellazanna.com, so it is not too deep.

I can’t access the sub if I have the CNAME DNS record with an Orange Cloud.

Sandro said… in this thread "Does your server IP address end in 246?

If so, that was not stellar advice :wink: as there’s no proper certificate in the first place which could be working fine :

I assume you’ll also have a broken encryption mode selected on Cloudflare → Why you should choose Full Strict, and only Full Strict. Double check that as well."

So… they said the domain does not have a “proper certificate” not sure how to determine that or correct it.

That might be the original certificate from GoDaddy. Best practice on certs is to include, literally, dellazanna.com and *.dellazanna.com. This is typically the default for Cloudflare’s Origin CA cert.

I don’t know why the top image didn’t include the www or jennifer subdomains.

If you paste the certificate text (not the key text…that’s supposed to be a secret), this tester should show you which hostnames it’s valid for. It should be the domain plus the wildcard subdomain.
https://www.sslshopper.com/certificate-decoder.html

Dam, I think you might be correct, but no idea how to fix it. I had a free SSL Cet through ZEN plug in. This is what I got when I ran it through thta site.

Certificate Information:
Common Name: dellazanna.com
Subject Alternative Names: *.dellazanna.com, dellazanna.com
Valid From: July 20, 2021
Valid To: October 18, 2021
Issuer: R3, Let’s Encrypt Write review of Let’s Encrypt
Serial Number: 039569c1913b2e16c0d7c447fa6c0a5af8ea

I contacted Zen after GoDaddy said they had to delete the cert… and Zen said they do not save anything. (again I do not understand the process).

Is there a way to get rid of all certificates and start fresh…

That’s all up to the host. It’s their server. Cloudflare only provides an Origin cert in a pinch.

My certificate was stil from the old Free SSL. GoDaddy could see the CloudFlare Certificate, but it was no associated with any domain— That is what he said.

GoDaddy walked with through deleting it and all SSL certificates and he manually deleted it from the server.

I would like to start over with CloudFlare… start from scratch, so I know I followed the steps in order. I made a Cert Signing Request. Any Red Flags I should be aware of deleteing the domain and starting over?

I read “If DNSSEC is activated via Cloudflare, remove the DS record from the registrar configuration in the DNS app before removing your Cloudflare domain.” and I did that.

Turn off DNSSEC at your domain registrar, and change the name servers back to GoDaddy.

Then back to this:

Thanks to GoDaddy’s Tech Support my original SSL problem ended up being unrecoverable. Many Thanks for your help and patience.

Called GoDaddy for help with the persistent expired SSL cert from ZEN that I tried to delete several times. GoDaddy walked me through re-deleting the SSL CERT and when they checked they still found it on their server. Whatever they did after that— I lost my main domain completely and somehow they corrupted my subdomain. I tried to restore both with backups—still did not work. Figured it might be easiest to just delete everything and start over. They wanted me to pay for a Tech Support package–after they trashed it.

After seeing the video below, I understand how my questions must have frustrated you. I was done in 10 min. A key stumbling point for me was that I did not know that Origin Certificate is the same as Certificate CRT. Thanks for everyone’s help. Now setting up the sites this weekend.

1 Like

Sub-Domain Advice

I just installed a basic fresh install of Word Press on a subdomain.

My main domain was able to show the generic WP site and I could log in to the site and setup the page

I did the same for my sub-domain jennifer.dellazanna.com and the site does not show the generic WP site. It shows coming soon.
PIC

When I try to log-in to word press part of the site I get a 404 error.

Also—it might be related to this

I read that when I am using Free CloudFlare account that my subdomain sites must be addressed without “www” or HTTPS://.

I have cleared my cache on my browser

I enter only jennifer.dellazanna.com in my browser

The browser converts it to https://jennifer.dellazanna.com/ and loads the Coming Soon page.

I have the following DNS Setting

Thanks for any help.

I can NOT stress this enough:

1 Like

I had it off initially when I was setting it up and had the same issues. I searched the Community Forum for the topic and saw one that instructed the person that it should be ON, so I turned it back on. Maybe I read it wrong.

I just shut it off again and will give it a at least 5 minutes to take effect. I have a little triangle next to it saying it was changed a few seconds ago. I will wait until that is gone and try to log back in.

I am not sure what aspect of building the website I need to check or do to to address your comment “it needs to work with HTTPS” before adding the site.

Thanks again…

This is an example of a site not working with HTTPS:

I do not mean to bother you over the weekend… I had no expecations that someone woruld respond. SO extra THANKS.

You were right again… I shut it off and waited 10 min, I now have access to the site. Not sure why it did not work last time I had it off. BUT I am sure it was human error on my side.

Yes, That is the page I see… I did not relize that that is the page shown when the site does not work with HTTPS.

I managed to install my WP Theme and will start stting stuff up. I just do not know what I need to do on the WP side/site to make sure it works with HTTPS.

Thanks again.

Gary DZ

1 Like

Sorry, I still have the question about making sure my site will work with HTTPS. I thought it was fixed – since it worked all day. I changed the DNS record to grey. Made a bunch of changes (not knowing what I needed to do to make it SSL compatible) I turning it back to Orange. I managed to access it with HTTPS and Open/Edit the page several times today— then it stopped working. Changed it back to gray— and could access it again after about 15-min.

I know it might not sound like it— but I did learn alot over the weekend. :slight_smile:

I am sure everyone is tired of my questions…

I know most issues I’ve had was Human error on my part. But I am starting to think I have a gremlin and/or a curse.

Still have not figured out what I need to do to “make sure” my subdomain is ready for HTTPS. Subdomain was working fine for a day with HTTPS–then stopped. Now only have access when toggle my CNAME for my subdomain to DNS Only (Gray Cloud) in Cloudflare.

Logged into CPanel today I saw an error that I do not have a Valid Certificate.

The Certificate was fine 2 days ago. Wish I had a screen capture.

I have not made any changes to the certificate or my SSL setting in CPANEL

The only thing I did yesterday was toggle the CNAME for my subdomain to DNS Only (Gray Cloud) on the Cloudflare site —when I lost access to the subdomain all of a sudden yesterday.

I checked my CRT Certificate and CA Bundle. The CA Bundle looked empty in CPANEL, so I re-installed it. It told me it was already installed.

CPanel CABUNDLE Installed BUT

I got the CA Cert here… RSA version

Any idea why the Certificate is no longer valid or what I did to mess it up?

What is the best way to correct?

Would it be best to Revoke all Certificates and delete and start over? I have nothing left to try.

ALSO Do I need to ask GoDaddy to set something on the server on their end so my Subdomain will work with HTTPS? I was told to Make Sure… but not sure what is involved with that. It was working for a couple days… I thought I was done with this problem.

LAST POST…

Just got off the phone with Godaddy… The Server support could not explain it, but there was a Godaddy Issues Certificate in my Subdomain and their server record for jennifer.dellazanna.com wrong–not part of c-panel.

It was fine 2 days ago. He deleted it and remade it and it seems to be working correctly.

GoDaddy has cause me a lot of headaches the past few week

THANKS for everyone’s help.

2 Likes

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.